RUSTSEC-2025-0113 soundness issue and unmaintained
shaman::cryptoutil::writeu64vle and other functions mentioned above cannot guarantee memory safety of getunchecked later if both lengths are zero. shaman is unmaintained...
RUSTSEC-2025-0064 soundness issue and unmaintained
wrenrust::macros::defaultrealloc lacks sufficient checks on its pointer parameter, which is passed into free and realloc. wrenrust is unmaintained...
CVE-2023-45853 affecting package rust for versions less than 1.85.0-1
CVE-2023-45853 affecting package rust for versions less than 1.85.0-1. A patched version of the package is available...
CVE-2022-24713 affecting package rust for versions less than regex-1.8.4
CVE-2022-24713 affecting package rust for versions less than regex-1.8.4. A patched version of the package is available...
CVE-2022-31394 affecting package rust for versions less than hyper-0.14.25
CVE-2022-31394 affecting package rust for versions less than hyper-0.14.25. A patched version of the package is available...
CVE-2022-23639 affecting package rust for versions less than crossbeam_utils-0.8.7
CVE-2022-23639 affecting package rust for versions less than crossbeam_utils-0.8.7. A patched version of the package is available...
CVE-2023-26964 affecting package rust for versions less than h2-0.3.26
CVE-2023-26964 affecting package rust for versions less than h2-0.3.26. A patched version of the package is available...
Targeted Fuzzing for Unsafe Rust Code: Leveraging Selective Instrumentation
Rust is a promising programming language that focuses on concurrency, usability, and security. It is used in production code by major industry players and got recommended by government bodies. Rust provides strong security guarantees achieved by design utilizing the concepts of ownership and...
Fedora: Security Advisory (FEDORA-2025-5e5b0cc812)
The remote host is missing an update for the...
sozu (>=0.12.0 <=0.13.1), sozu-command-futures (>=0.11.59 <=0.13.6) +3 more potentially affected by CVE-2025-47737 via trailer (=0.1.2)
trailer CARGO version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on trailer and may be impacted: - sozu =0.12.0, =0.11.59, =0.12.0, =0.12.0, =0.11.59, =0.13.0 Source cves: CVE-2025-47737 Source advisory: OSV:RUSTSEC-2025-0163...
RUSTSEC-2025-0163 Unsound issue in Trailer
Our static analyzer finds a potential unsound issue in the construction of Trailer, where it doesn't provide enough checks to ensure the soundness. trailer/src/lib.rs, Lines 18 to 25 in d474984: pub fn newcapacity: usize - Trailer unsafe let trailer = Trailer::allocatecapacity; let ptr = trailer.pt...
CVE-2024-58253
In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value...
[SECURITY] Fedora 42 Update: rust-hickory-proto-0.24.4-1.fc42
Hickory DNS is a safe and secure DNS library. This is the foundational DNS protocol library for all Hickory DNS projects...
[SECURITY] Fedora 41 Update: rust-hickory-proto-0.24.4-1.fc41
Hickory DNS is a safe and secure DNS library. This is the foundational DNS protocol library for all Hickory DNS projects...
[SECURITY] Fedora 40 Update: rust-hickory-proto-0.24.4-1.fc40
Hickory DNS is a safe and secure DNS library. This is the foundational DNS protocol library for all Hickory DNS projects...
Fedora 40 : rust-hickory-proto (2025-5e5b0cc812)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-5e5b0cc812 advisory. Update to version 0.24.4. Also contains fixes for RUSTSEC-2025-0006. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 41 : rust-hickory-proto (2025-def79f4594)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-def79f4594 advisory. Update to version 0.24.4. Also contains fixes for RUSTSEC-2025-0006. Tenable has extracted the preceding description block directly from the Fedora security...
obfstr Type Confusion vulnerability
In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value...
GHSA-V2P5-Q653-9J99 obfstr Type Confusion vulnerability
In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value...